Ask stories

I asked Claude to generate a C++ implementation of a base64 encoder, and the result was nearly identical to a version on StackOverflow. I guess that wouldn’t normally be an issue, except it turns out the StackOverflow example seems to be derived from copyrighted code.

Stackoverflow relevant comment: https://stackoverflow.com/questions/180947/base64-decode-snippet-in-c#comment137345692_13935718

Claude version:

std::string base64encode(const char* data, size_t length) { static const char* base64_chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz" "0123456789+/";

  std::string result;
  result.reserve(((length + 2) / 3) * 4);

  size_t i = 0;
  unsigned char char_array_3[3];
  unsigned char char_array_4[4];

  while (length--)
  {
    char_array_3[i++] = *(data++);
    if (i == 3)
    {
      char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
      char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
      char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);
      char_array_4[3] = char_array_3[2] & 0x3f;

      for (i = 0; i < 4; i++)
        result += base64_chars[char_array_4[i]];
      i = 0;
    }
  }

  if (i)
  {
    for (size_t j = i; j < 3; j++)
      char_array_3[j] = '\0';

    char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
    char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
    char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);

    for (size_t j = 0; j < i + 1; j++)
      result += base64_chars[char_array_4[j]];

    while (i++ < 3)
      result += '=';
  }

  return result;
}

In certain large industries it feels like there's more urgency to migrate off of VMware than there is to do genAI stuff.

Do others sense this? If so, what options do you see for folks to keep their servers but move off of VMware? Is it all RedHat?

I'm a solo developer working on a new tool, and I need a reality check from the ops and infrastructure experts here. My background is in software development, not SRE. From my perspective, the monitoring alerts that bubble up from our infrastructure have always felt like a massive distraction. I'll get a page for "High CPU" on a service, spend an hour digging through logs and dashboards, only to find out it was just a temporary traffic spike and not a real issue. It feels like a huge waste of developer time. My hypothesis is that the tools we use are too focused on static thresholds (e.g., "CPU > 80%") and lack the context to tell us what's actually an anomaly. I've been exploring a different approach based on peer-group comparisons (e.g., is api-server-5 behaving differently from its peers api-server-1 through 4?). But I'm coming at this from a dev perspective and I'm very aware that I might be missing the bigger picture. I'd love to learn from the people who live and breathe this stuff. How much developer time is lost at your company to investigating "false positive" infrastructure alerts? Do you think the current tools (Datadog, Prometheus, etc.) create a significant burden for dev teams? Is the idea of "peer-group context" a sensible direction, or are there better ways to solve this that I'm not seeing? I haven't built much yet because I'm committed to solving a real problem. Any brutal feedback or insights would be incredibly valuable.

I have been struggling with a bot– 'Mozilla/5.0 (compatible; crawler)' coming from AWS Singapore – and sending an absurd number of requests to a domain of mine, averaging over 700 requests/second for several months now. Thankfully, CloudFlare is able to handle the traffic with a simple WAF rule and 444 response to reduce the outbound traffic.

I've submitted several complaints to AWS to get this traffic to stop, their typical followup is: We have engaged with our customer, and based on this engagement have determined that the reported activity does not require further action from AWS at this time.

I've tried various 4XX responses to see if the bot will back off, I've tried 30X redirects (which it follows) to no avail.

The traffic is hitting numbers that require me to re-negotiate my contract with CloudFlare and is otherwise a nuisance when reviewing analytics/logs.

I've considered redirecting the entirety of the traffic to aws abuse report page, but at this scall, it's essentially a small DDoS network and sending it anywhere could be considered abuse in itself.

Are there others that have similar experience?

Let's be clear, OpenAI's models are phenomenal. GPT-5 is already solving problems I couldn't get any other model to touch. For that, kudos.

But as a platform for developers, ChatGPT is a joke.

I'm staring at a massive file it just generated, and I can't collapse it. This is a basic feature, maybe 10 lines of JavaScript, that would make the tool infinitely more usable. Instead, my middle finger is getting a workout from all the scrolling, and I'm starting to consider using it for something more sinister.

This isn't just a minor annoyance; it's a symptom of a larger problem: OpenAI is coasting on its early success and completely ignoring the developer experience. Meanwhile, competitors are eating their lunch.

I look at Claude's Artifacts system and it's miles ahead. It's clear other companies are actually thinking about the developer's workflow. It feels like OpenAI is so high on their own supply they've forgotten that people actually have to use the thing.

So, while they've built some of the most powerful models, they are failing to build a platform that respects a developer's time and workflow. They are not a serious company when it comes to serving the developer community.

TL;DR My fingers hurt ... at the very least, can you stop forcing us to scroll hundreds of times per response?

Apparently, this company has the sole right to issue ISBNs; no other company in the USA is legally allowed to do so. This is highly unusual, since it is a for-profit corporation, not a government agency. So I must be missing something—why is this possible?

Imagine if the government required car license plates, but instead of issuing them itself or through its affiliates, there was a parasitic middleman that the government required you to buy from. I know ICANN is somewhat similar, but ICANN is effectively a child of a U.S. defense agency, so it makes sense—and you can buy domains from multiple companies.

Why isn’t ISBN funded and run by a government agency, like the U.S. Trademark Office?

I've noticed over the years whenever there's an AWS outage, Amazon.com doesn't seem to be impacted. My assumption is that they'd be one of the first to go down. Any idea why?

I'm not going to speak about specific languages because they will distract readers.

What I discovered over years is that I should just use the right tools for each job. Trying to use a specific language outside its well-established niches resulted in a lot of wasted time.

You can spend years on silencing every little inconvenience and every little noise by trying to use a specific language everywhere. That doesn't work. Resisting every little inconvenience will only result in more friction in life. Ignore little inconveniences and little noises. Just swim with the flow by using the right tools for each job. Don't swim against it by obsessing with specific tools.

If you want to move forward in life, you have to just suck it up and use the right languages for each task.

You may not like the fact that a specific language doesn't have specific constructs, but it can get this current job done quickly without fuss.

Developing attachment to a specific language that's not going to maintain its sharp edge for very long anyway will only lead to time waste and disappointments.

Screw programming languages. Just focus on accomplishing the task at hand quickly.

If your life satisfaction depends on using specific programming languages, you won't have a good life. Just get things done, and move on, and enjoy free time and wealth.

To have the best life possible or even just a good life, most of the time, you will just have to use tools you don't particularly like and have to do things you don't feel like doing.

Are you trying to have fun with programming languages? Or, are you trying to get things done quickly in programming languages? Speed is infinitely more important than fun.

I had a mind-blown-moment when I learnt that Obsidian was built without any frontend JS framework. ( https://forum.obsidian.md/t/what-framework-did-the-developer-use-to-create-obsidian-desktop-application/30724/11 )

The benefits, I can see.

    JS frameworks move really quickly, and when we're working on a large, long-term project, it sucks when big breaking changes are introduced after only a couple of years. Sticking to slow-moving web standards (which are quite mature by now) increases the longevity of a project.

    And the stability also means that more time is spent on delivering features, rather than on fixing compatibility issues.

    There is also the benefit of independence. The project's success is not tied to the framework's success. And it also makes the project more secure, from supply chain attacks and such.

    Because there is no "abstraction layer" of a framework, you also have greater control over your project, and can make performance optimizations at a lower level.

    I feel not using a framework can even make us a better developer. Because we know more of what's going on.

But this alternative of using none... it seems rarely talked about. I want to learn more about building large (preferably web-based) software projects with few dependencies.

Do you have any suggestions on how to learn more about it? Are there any open source projects you know which are built this way? It needs to be large, complex, app-like, and browser based. I'm more interested in the frontend side.

Thank you!

Hi Hacker News,

I'm working on a c compiler from scratch and am in a bit of a deadzone figuring out how I can test the generated AST and assembly output. I'm specifically having a hard time finding something that is viable for a one person project and which is also useful.

I did some research on Clang and saw they use a custom Filecheck library. This looks incredible for a production grade compiler but for mine I'm not sure if I want to put in all of the effort (especially because my host language F# doesn't have a Filecheck lib and I would have to re-create it).

Same with the AST - the best I can think of is creating the nodes in my host code language. This is verbose.

What have you done to test and check your compiler output, any good recommendations for me? I'm happy to research or read anything. Please keep in mind I'm going for a good effort to reward ratio.

Gmail Download Original produced:

---------------------------------------------------

X-Received-x-me-csa: (Received x-me-csa header removed by phl-mx-03.messagingengine.com) none

This is a MIME-encapsulated message.

--2DB008F1C68.1760866326/octagon.interface.co.uk

---------------------------------------------------

Gmail Show Original produced:

---------------------------------------------------

X-Received-x-me-csa: (Received x-me-csa header removed by phl-mx-03.messagingengine.com) none

--2DB008F1C68.1760866326/octagon.interface.co.uk

---------------------------------------------------

One line missing.

I have not yet tested to find what's missing from Download Original /and/ Show Original...

I've been thinking a lot lately about the news I receive versus the news I need to function as a voting member of my city/region/country/planet.

I am really frustrated by a few things:

News doesn't put the story into context. i.e., 5 clowns murdered at party, but it never puts the overall murder rate to understand if this really matters as a trend.

Does anyone know a news website putting the big picture in context?

I also do not like that stories don't allow you to get followups. For example, on court cases, I want to know what ends up happening, how those SC or Fed court rulings actually impact businesses, etc.

Anyone know any news organizations tracking that type of stuff so that interested peeps can keep getting updates?

And finally, are there any news websites that are screening out day to day stuff and just posting monthly status on what is going on to help put the trend in context?

Everything just seems like 100 voices in a room screaming for attention and no context or decision on what is really important or fascinating...

I have noticed weird look of youtube on my *phone* yesterday. Today, I cannot play a single video on my *computer* when I use firefox. But when i switch to chrome-based browser, it plays just fine.

It is not adblock issue and has been like this the whole day.

Anyone else experiencing these issues? I saw some reddit posts but they span across multiple days, so I would think this was short outage from few days ago, but it looks like is is not and likely google trying to F with firefox again, like they like to do.

I’m 28 (m) and have a Computer Science degree under my belt. A few years after graduating, I pursued a teaching degree because it came with a great tax-free incentive. Now I’ve realised I want to use my original degree and get back into tech.

After my degree I didn't want to pursue it as I fell out of love with it, possibly due to stress and letting uni life get the better of me. It became stressful environment but through recent experiences and talking with close friends who are in the field of CS, overtime I've realised and processed that I still have a massive interest and constant want to learn more within it or somewhat be involved in it. The years of teaching it has definitely played a part in showing students my passion for the subject, reminding myself how much I love it too.

I've started picking up on python again and taking online courses to refresh myself but I want to make myself employable after these years. I have previous experience in java, php and C+ also. I've never worked in a professional coding environment either, hence why I am coming on here to seek advice on what would be best.

Any recommendations/advice would really help. What stacks I should be looking at?

What are you working on? Any new ideas that you're thinking about?

Link to the Grove program: https://openai.com/index/openai-grove/ HN discussion when it was announced: https://news.ycombinator.com/item?id=45223660

I applied. I never had high hopes of getting accepted, but never receiving confirmation of my application submission nor an email notifying me I wasn’t accepted came across as inconsiderate and unprofessional. I’m disappointed but not entirely surprised given the program felt both ambiguous (about what they were looking for) and very wide net being cast (“founders at the very earliest stages—whether you’re pre-idea, just starting out, or preparing to launch a company”).

I have no benefit of learning relational algebra and calculus. Instead SQL, an imperfect concrete implementation of relational theory....is very valuable.

I wonder what can teach that? Not just simple stuffs but depth stuffs that are useful in real world market.

Dear Auntie HN,

I recently tried QuarterDeck DesqView for multitasking (16 bit real mode) applications. It installed allright, but I couldn't get it to multitask PC-Scheme (More precisely PCS/Geneva 4.02PL1) properly. Could you recommend any alternative DOS Versions or task switchers better suited to that?

Programs I didn't try * MS multitasking DOS (to which the source was released not long ago) * DRDOS * Any other variant of DOS?

IMHO the experience under OS/2 was best.

Thanks!

i need an open source, social media like twitter, HN with threads etc. where can i find?

Just curious and who knows, maybe someone will adopt it or develop something new based on its ideas.

I have a super annoying heisenbug, that never occurs during the Chrome debugger performance recording session. Basically it's an Angular/AngularJS hybrid app with a form that freezes when you return to it after navigating to another tab.

Any suggestions on how to debug this other than just commenting out code step-by-step?

1. Is it true that LLMs / AI Companies have used copyrighted material for training?

2. Is it possible to estimate how much of copyrighted material has been used?

I am looking for some good options to create a documentation website for an open source project. I am looking for something that is free or very inexpensive and that is very easy to use and setup. It could be a tool, service or hosting platform. I am not a web developer but I know markdown.

Do you know of some good options?

I'm looking to create a list of projects that people have had success with, whether they are personal projects that have no financial incentive or projects that have made money.

I'm also looking for videos that document the project from start to finish. The youtube algorithm makes these videos quite difficult to find.

Have you had the experience of using/developing knowledge bases? Here is my scenario:

My team is dealing with a lot of information: Wikis, Code repos, Monitoring dashboards, internal chat messages, emails, Task tickets, related systems, etc.

There are many cases when we need to do ad-hoc searches for anything related to a concept. For instance, imagine if someone makes a change to a metric, there is a need to find all dashboards that might be using this metric to make sure they are still valid after the change.

I don't want to just fix this problem, but create the ability to find related information in ad-hoc cases.

The ramp-up time is not important, as long as some positive value can be created with a small initial effort.

Any existing products (Paid/Free/Open Source, etc) and any references to existing knowledge (designs, discussions) about this would be really appreciated.

What tools and platforms are you using? How do you manage deploying to different environments? How do you implement artifacts versioning? Also having some context would be interesting, e.g. company and team size.